MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8d27191472ad2792cc09bacce872e3711071c4929945cff54cddccd31ba2175e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	8d27191472ad2792cc09bacce872e3711071c4929945cff54cddccd31ba2175e
SHA3-384 hash:	d1928889eb780c757c2114e8f0dcc014f1dc1c8f2d0edef61b3a9dd5528f70ffcd52c505a54e9fe028f4a72ef27dd3ac
SHA1 hash:	2500a139421f9416b52dfbea904b6c0c0783ceac
MD5 hash:	6f7414cf3c6aa1bc6ac02c863659f601
humanhash:	sodium-robin-speaker-low
File name:	c.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	1'102 bytes
First seen:	2026-01-09 04:46:44 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	24:3J3JvvjjKLhjj4NI7qKxjj4KOjj4IjjMJjjOL2jjEu+1jjjythjjz1jjMJAjjMBR:z3/sh/9qKx/4x/4I/y/O6/S1/C/z1/MV
TLSH	T1C711DD7C94AC17D71F548D2C96DE485CC7078AC3F4D20B2CE104A4F650A62E06B483FE
Magika	txt
Reporter	abuse_ch
Tags:	mirai sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

73

Origin country :

DE

Vendor Threat Intelligence

ACCE Unknown

No detections

ClamAV Detected

Detection(s):

SecuriteInfo.com.Linux.Downloader-33.UNOFFICIAL

Alert

Create hunting rule

FileScan.IO Likely Malicious

Verdict:

Likely Malicious

Threat level:

  7.5/10

Confidence:

100%

Tags:

mirai

Link:

https://www.filescan.io/uploads/6960884640358be74af84093/reports/953f963b-1787-41d6-95b6-b544631b767f/overview

InQuest

Result

Gathering data

Kaspersky OpenTIP Unknown

Verdict:

Unknown

File Type:

Link:

https://opentip.kaspersky.com/8d27191472ad2792cc09bacce872e3711071c4929945cff54cddccd31ba2175e/results?tab=lookup

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/3ee9c110-a693-484c-b0d6-fd8c2d76b0b3

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/8d27191472ad2792cc09bacce872e3711071c4929945cff54cddccd31ba2175e

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/8d27191472ad2792cc09bacce872e3711071c4929945cff54cddccd31ba2175e/

Neiki Family.MIRAI

Verdict:

Malicious

Threat:

Family.MIRAI

Link:

https://tip.neiki.dev/file/8d27191472ad2792cc09bacce872e3711071c4929945cff54cddccd31ba2175e

ReversingLabs TitaniumCloud Linux.Worm.Mirai

Threat name:

Linux.Worm.Mirai

Alert

Create hunting rule

Status:

Malicious

First seen:

2026-01-09 04:34:38 UTC

File Type:

Text (Shell)

AV detection:

11 of 36 (30.56%)

Threat level:

  5/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=rutrsfdsvutzftajxlgoq4xdoeihdrestfc475km3xgngg5cc5pa._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/260109-felrrsez4d/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/8d27191472ad2792cc09bacce872e3711071c4929945cff54cddccd31ba2175e